Vendor
Ietf Tools
Products
1
CVEs
2
Across products
2
Status
Private
Products
1- Xml2rfc2 CVEspypi
Recent CVEs
2| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-11059 | hig | 0.39 | — | 0.00 | Sep 10, 2025 | ### Impact When generating PDF files, this vulnerability allows an attacker to read arbitrary files from the filesystem by injecting malicious link element into the prepped RFCXML. ### Workarounds Test untrusted input with `link` elements with `rel="attachment"` before… | ||
| CVE-2025-11058 | hig | 0.39 | — | 0.00 | Aug 26, 2025 | ### Impact When generating PDF files, this vulnerability allows an attacker to read arbitrary files from the filesystem by injecting malicious link element into the XML. ### Workarounds Test untrusted input with `link` elements with `rel="attachment"` before processing. ###… |
- risk 0.39cvss —epss 0.00
### Impact When generating PDF files, this vulnerability allows an attacker to read arbitrary files from the filesystem by injecting malicious link element into the prepped RFCXML. ### Workarounds Test untrusted input with `link` elements with `rel="attachment"` before…
- risk 0.39cvss —epss 0.00
### Impact When generating PDF files, this vulnerability allows an attacker to read arbitrary files from the filesystem by injecting malicious link element into the XML. ### Workarounds Test untrusted input with `link` elements with `rel="attachment"` before processing. ###…